From: Fastjack@yabbs
To: cosmos@yabbs
Subject: re: PW cracker
Date: Sun Jan 23 16:24:15 1994
Ok cosmos...
    *sorry* for the _misunderstanding_.  Guess I should stop trying to 
admin and just get back to cracking.  I was in err; it is indeed possible 
to go root on *many* machines utilizing well-known security holes.  It 
must be remembered that any site w/o a shadowed passwd file is <unlikely> 
[to put it midly...heheheh] to apply the patches that CERT deems 
necessary.  Now that we have gotten past that point, why don't we discuss 
something interesting, like what you'd do with root once you had it.  
Besides the obvious, like set up an account for yourself (if no cron job 
runs to diff it w/ the hidden backup) read mail spool (booooooring) erase 
yourself from audit logs (ho hum, ho hum).  Other that utilizing existing 
gains to allow further penetration, what is there?  From someone who has 
experienced the phenomena of avatar, it ain't all it's cracked up to be.  
I'd like to hear some thoughts-- personal opinions; no flame wars because  
someone doesn't follow you 4 step process for cracking systems.  And 
cosmos, just how long have you yourself been on  Unix boxes, eh?
                                                    Fastjack